You catch in infinite loop because if the requested path is login even so redirect to login again

app.use(function (req, res, next) {
// if user is authenticated in the session, carry on
if (req.isAuthenticated())
return next();
// if they aren't redirect them to the home page
if(req.route.path !== '/login')
res.redirect('/login');
next();
});